Sudo and #!/bin/sh scripts -- question re permissions

If I enter this command in a console: sudo ifconfig
of course I get the reply “sudo: ifconfig: command not found”
because sudo has a different path from root user.

But if I make a script called, containing ifconfig like so:


and execute it with this command: sudo ./
well I get the correct answer. It finds the application ifconfig and runs it this time.

What I don’t understand is why “ifconfig” is found and executed properly when I run the script as sudo. Is that different from runnning the command directly as: “sudo ifconfig”?

Can someone please explain the nuance here that I don’t understand.


If you add

echo $PATH

just before ifconfig in your script, it will be clear how it finds ifconfig. As to why $PATH is set when running a shell script, when you run

sudo ifconfig

no init files are read, so $PATH doesn’t change. When you run

sudo ./

It gets settings from init files. As to which init file it gets it from, a search

# grep -r "$PATH" /etc

matched /etc/default/su, and the line is:


A search showed that $SUPATH is the initial $PATH for root. Presumably sudo is following precedent. This is poorly documented, I didn’t see any mention of SUPATH in any man page.

Thank you. Clear now.

Ther is a similar effect when using su.

Using just


will make you root without changing your environment (including the PATH variable).


su -

Does start an new shell including all initialisation as done during at login (in a console/terminal). This means that things like .bashrc and .profile from the home directory of root are used and, among other things, the PATH according to these files is set. For security reasons this is important. A normal user may have added directories (including the infamous ./) to his PATH that contain programs with names (like ls) that can create everyting from amazement to disaster when executed as root.

So I always advise to use the - sign with su.

I wonder if one calling

sudo ifconfig

as ‘a’ user is sure that the right program is run?

Thanks hcvv. Clearer and clearer.

Actually FYI I asked this because I wrote some code that interrogates the system for some information. It wasn’t a bash script. It is a compiled executable. But I was wondering why it will run fine with “sudo program_name” when I expected to be required to run it as “su -c program_name”.

No big deal but I was curious how it happens.

Ken_yap and you have shone a light on all of that for me now. Thanks guys.